Implementation: This is generally a logical flaw or a typo introduced completely at implementation time.

Implementation: This is generally a logical flaw or a typo introduced completely at implementation time.

−

==Platform ==

+

'''Platform'''

Languages: All

Languages: All
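Review bot: replacing the ==Platform == heading with '''Platform''' bold text turns a section heading into plain emphasis, so the section loses its place in the table of contents and its section anchor. Suggest keeping == heading markup here and only fixing the stray space before the closing ==.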

Line 19:

Line 30:

Operating platforms: All

Operating platforms: All

−

==Required resources ==

+

'''Required resources'''

Any

Any

−

==Severity ==

+

'''Severity'''

Medium

Medium

−

==Likelihood of exploit ==

+

'''Likelihood of exploit'''

Medium

Medium

−

==Avoidance and mitigation ==

+

If a function returns an error, it is important to either fix the problem and try again, alert the user that an error has happened and let the program continue, or alert the user and close and cleanup the program.

−

Implementation: Properly handle each exception. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.

−

==Discussion ==

+

==Risk Factors==

−

If a function returns an error, it is important to either fix the problem and try again, alert the user that an error has happened and let the program continue, or alert the user and close and cleanup the program.

+

TBD

−

==Examples ==

+

==Examples==

In C:

In C:
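Review bot: the paragraph "If a function returns an error, ..." is added directly after the Likelihood of exploit rating with no heading of its own, while ==Discussion == is dropped and the new ==Risk Factors== section holds only "TBD". Suggest giving that paragraph its own heading, or moving it under Risk Factors, so it does not read as part of the likelihood rating.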

Line 64:

Line 74:

</pre>

</pre>

−

==Related problems ==

−

Not available.

+

==Related [[Attacks]]==

+

* [[Attack 1]]

+

* [[Attack 2]]

−

[[Category:Vulnerability]]

−

[[Category:Error Handling Vulnerability]]

+

==Related [[Vulnerabilities]]==

−

[[Category:General Logic Error Vulnerability]]

+

* [[Vulnerability 1]]

+

* [[Vulnerabiltiy 2]]

+

+

==Related [[Controls]]==

+

+

* Implementation: Properly handle each exception. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.

+

+

==Related [[Technical Impacts]]==

+

+

* [[Technical Impact 1]]

+

* [[Technical Impact 2]]

+

+

+

==References==

+

+

TBD

+

+

[[Category:FIXME|add links

+

+

In addition, one should classify vulnerability based on the following subcategories: Ex:<nowiki>[[Category:Error Handling Vulnerability]]</nowiki>
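Review bot: the three existing category links (Vulnerability, Error Handling Vulnerability, General Logic Error Vulnerability) are removed while the added sections contain only template placeholders such as "Attack 1", "Technical Impact 1" and "TBD", one of them misspelled ("Vulnerabiltiy 2"), and the added "[[Category:FIXME|add links" is never closed. Suggest keeping the real categories until replacements exist, closing the FIXME link, and either filling in or dropping the placeholder bullets.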

Description

Implementation: This is generally a logical flaw or a typo introduced completely at implementation time.

Platform

Languages: All

Operating platforms: All

Required resources

Any

Severity

Medium

Likelihood of exploit

Medium

If a function returns an error, it is important to either fix the problem and try again, alert the user that an error has happened and let the program continue, or alert the user and close and clean up the program.

Risk Factors

TBD

Examples

In C:

foo = malloc(sizeof(char));
// The next line checks to see if malloc failed
if (foo == 0) {
    // We do nothing, so we just ignore the error.
}

Implementation: Properly handle each exception. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.
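By contrast with the C fragment above, the following added example (not part of the original page) checks the allocation result, retries, reports the failure, and leaves the output pointer in a known state. The names copy_string, copy_status, alloc_hook and demo are hypothetical, and alloc_hook is a constructed fault-injection wrapper used only to simulate malloc failures.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed fault-injection hook (hypothetical): fail the next N allocations. */
static int fail_next = 0;
static void *alloc_hook(size_t n) {
    if (fail_next > 0) { fail_next--; return NULL; }
    return malloc(n);
}

typedef enum { COPY_OK = 0, COPY_BAD_ARG, COPY_NO_MEMORY } copy_status;

/* Duplicate src into *out, retrying a failed allocation up to max_retries times.
   On any failure *out is NULL, so the caller always knows the state. */
copy_status copy_string(const char *src, char **out, int max_retries) {
    if (out == NULL) return COPY_BAD_ARG;
    *out = NULL;
    if (src == NULL) return COPY_BAD_ARG;
    size_t len = strlen(src) + 1;
    char *buf = NULL;
    for (int attempt = 0; attempt <= max_retries && buf == NULL; attempt++) {
        buf = alloc_hook(len);
        if (buf == NULL)  /* alert instead of silently ignoring the error */
            fprintf(stderr, "copy_string: malloc(%zu) failed, attempt %d\n", len, attempt + 1);
    }
    if (buf == NULL) return COPY_NO_MEMORY;
    memcpy(buf, src, len);
    *out = buf;
    return COPY_OK;
}

/* Returns the copied length, or -1 after reporting the failure and stopping. */
int demo(int failures, int retries) {
    char *copy = NULL;
    fail_next = failures;
    copy_status st = copy_string("constructed sample", &copy, retries);
    fail_next = 0;
    if (st != COPY_OK) {
        fprintf(stderr, "demo: giving up with status %d\n", (int)st);
        return -1;  /* nothing was allocated, so there is nothing to free */
    }
    int n = (int)strlen(copy);
    free(copy);
    return n;
}

int main(void) {
    printf("%d %d %d\n", demo(0, 0), demo(1, 1), demo(2, 1));
    return 0;
}
```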